search

spenczar / lektor-s3

Plugin to deploy a Lektor project to an S3 bucket
MIT License
44 stars 10 forks source link

Error: "The authorization mechanism you have provided is not supported." #15

Closed mkjsix closed 6 years ago

mkjsix commented 7 years ago

Hi,

I'm trying to deploy to a S3 bucker in the Frankfurt region but I receive the following error:

botocore.exceptions.ClientError: An error occurred (InvalidRequest) when calling the ListObjects operation: The authorization mechanism you have provided is not supported. Please use AWS4-HMAC-SHA256.

I've found a plausible explanation for this in Stackoverflow:

AWS4-HMAC-SHA256, also known as Signature Version 4, ("V4") is one of two authentication schemes supported by S3.

All regions support V4, but US-Standard¹, and many -- but not all -- other regions, also support the other, older scheme, Signature Version 2 ("V2").

According to http://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html ... new S3 regions deployed after January, 2014 will only support V4.

Since Frankfurt was introduced late in 2014, it does not support V2, which is what this error suggests you are using.

http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingAWSSDK.html explains how to enable V4 in the various SDKs, assuming you are using an SDK that has that capability.

Rif: http://stackoverflow.com/questions/26533245/the-authorization-mechanism-you-have-provided-is-not-supported-please-use-aws4?answertab=votes#tab-top

Could you please help with this? I must deploy on this AWS region.

Thank you.

spenczar commented 7 years ago

Ouch. The underlying issue looks like it's a problem in boto, to me, based on https://github.com/boto/boto/issues/2741.

There are numerous workarounds suggested in there, through stuff like creating a file at ~/.boto which contains this:

[s3]
host=s3.eu-central-1.amazonaws.com

But that's a kind of crappy solution. In the short term, that might be the best way to be able to deploy; I'll look around to see if there's a more elegant fix.

mkjsix commented 7 years ago

Thanks @spenczar Meanwhile I'm just using the aws cli to sync the 'dist' folder with the S3 bucket manually, it's not a big deal.

moneyit commented 6 years ago

Did they fix this issue ? I have the same issue when copy file/folder in s3 bucket stay at eu-central-1, but in console i get this issue $ aws s3 cp --recursive s3://bucketname/static-assets/access/ . --region=eu-central-1 usage: aws [options] [parameters] aws: error: argument --region: Invalid choice, valid choices are:

ap-southeast-2 | cn-north-1 ap-northeast-1 | sa-east-1 eu-west-1 | fips-us-gov-west-1 us-west-2 | us-west-1 us-east-1 | us-gov-west-1 ap-southeast-1

And here A client error (InvalidRequest) occurred when calling the ListObjects operation: The authorization mechanism you have provided is not supported. Please use AWS4-HMAC-SHA256. Completed 1 part(s) with ... file(s) remaining

mkjsix commented 6 years ago

@Van-Tien I ended up using my own bash scripts for this, they are working fine. In your case I guess your AWS administrator is explicitly excluding eu-central-1 from the available regions.